systemd/.lgtm/cpp-queries/fgets.ql

/**
 * @name Use of fgets()
 * @description fgets() is dangerous to call. Use read_line() instead.
 * @kind problem
 * @problem.severity error
 * @precision high
 * @id cpp/fgets
 * @tags reliability
 *       security
 */
import cpp

predicate dangerousFunction(Function function) {
  exists (string name | name = function.getQualifiedName() |
    name = "fgets")
}

from FunctionCall call, Function target
where call.getTarget() = target
  and dangerousFunction(target)
select call, target.getQualifiedName() + " is potentially dangerous"
lgtm: add a custom query for catching the use of fgets As everybody knows, nodoby really reads CODING_STYLE (especially the last paragraph :-)) so let's utilize LGTM to help us catch the use of fgets. 2018-10-26 12:19:09 +03:00			`/**`
			`* @name Use of fgets()`
			`* @description fgets() is dangerous to call. Use read_line() instead.`
			`* @kind problem`
			`* @problem.severity error`
			`* @precision high`
			`* @id cpp/fgets`
			`* @tags reliability`
			`* security`
			`*/`
			`import cpp`

			`predicate dangerousFunction(Function function) {`
			`exists (string name \| name = function.getQualifiedName() \|`
			`name = "fgets")`
			`}`

			`from FunctionCall call, Function target`
			`where call.getTarget() = target`
			`and dangerousFunction(target)`
			`select call, target.getQualifiedName() + " is potentially dangerous"`